From f077e5e5f25e6e4dca145f0dfcb77965fddfb407 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 25 Mar 2015 11:07:58 -0500 Subject: [PATCH 01/11] Add PHP 7 to .travis.yml --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index 7ad8e20..389bd55 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,6 +5,7 @@ php: - 5.4 - 5.5 - 5.6 + - '7' before_script: - composer self-update From 8a1f6a719657ee35320af21b89d685a83daa1bcf Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 25 Mar 2015 12:04:32 -0500 Subject: [PATCH 02/11] Refactor Exceptions --- .../Auth/{ => Exception}/AuthException.php | 2 +- .../Auth/Exception/HttpForbiddenException.php | 18 ++++-------- .../Exception/HttpUnauthorizedException.php | 29 +++++++++++++++++++ 3 files changed, 36 insertions(+), 13 deletions(-) rename src/JeremyKendall/Slim/Auth/{ => Exception}/AuthException.php (88%) create mode 100644 src/JeremyKendall/Slim/Auth/Exception/HttpUnauthorizedException.php diff --git a/src/JeremyKendall/Slim/Auth/AuthException.php b/src/JeremyKendall/Slim/Auth/Exception/AuthException.php similarity index 88% rename from src/JeremyKendall/Slim/Auth/AuthException.php rename to src/JeremyKendall/Slim/Auth/Exception/AuthException.php index f21388c..902a87b 100644 --- a/src/JeremyKendall/Slim/Auth/AuthException.php +++ b/src/JeremyKendall/Slim/Auth/Exception/AuthException.php @@ -9,7 +9,7 @@ * @license http://github.com/jeremykendall/slim-auth/blob/master/LICENSE MIT */ -namespace JeremyKendall\Slim\Auth; +namespace JeremyKendall\Slim\Auth\Exception; /** * Slim Auth Exception. diff --git a/src/JeremyKendall/Slim/Auth/Exception/HttpForbiddenException.php b/src/JeremyKendall/Slim/Auth/Exception/HttpForbiddenException.php index a913d60..19f8a0e 100644 --- a/src/JeremyKendall/Slim/Auth/Exception/HttpForbiddenException.php +++ b/src/JeremyKendall/Slim/Auth/Exception/HttpForbiddenException.php 
@@ -11,8 +11,6 @@ namespace JeremyKendall\Slim\Auth\Exception; -use JeremyKendall\Slim\Auth\AuthException; - /** * HTTP 403 Exception. */ @@ -20,16 +18,12 @@ class HttpForbiddenException extends AuthException { /** * Public constructor. - * - * @param string $message Exception message - * @param int $code Exception code - * @param Exception $previous Previous exception */ - public function __construct( - $message = 'You are not authorized to access this resource', - $code = 403, - \Exception $previous = null - ) { - parent::__construct($message, $code, $previous); + public function __construct() + { + $message = 'You are not authorized to access this resource'; + $code = 403; + + parent::__construct($message, $code); } } diff --git a/src/JeremyKendall/Slim/Auth/Exception/HttpUnauthorizedException.php b/src/JeremyKendall/Slim/Auth/Exception/HttpUnauthorizedException.php new file mode 100644 index 0000000..d0d7ee3 --- /dev/null +++ b/src/JeremyKendall/Slim/Auth/Exception/HttpUnauthorizedException.php @@ -0,0 +1,29 @@ + Date: Wed, 25 Mar 2015 12:13:41 -0500 Subject: [PATCH 03/11] Update dependencies Password Validator update is a BC breaking change. See https://github.com/jeremykendall/password-validator/releases/tag/3.0.0 for details. --- composer.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/composer.json b/composer.json index 3e2e126..157eaeb 100644 --- a/composer.json +++ b/composer.json @@ -29,8 +29,8 @@ ], "require": { "php": ">=5.3.7", - "jeremykendall/password-validator": "2.*", - "wp-cli/php-cli-tools": "~0.9", + "jeremykendall/password-validator": "3.*", + "wp-cli/php-cli-tools": "~0.10", "zendframework/zend-authentication": "~2", "zendframework/zend-permissions-acl": "~2", "zendframework/zend-session": "~2" From 765d4d09dc0f90eb5b9fff271633598907024c18 Mon Sep 17 00:00:00 2001 
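Review bot: The new zero-argument `__construct()` in HttpForbiddenException drops the `$previous` parameter, so an underlying cause can no longer be chained into the 403. PHP ignores surplus arguments to a userland constructor, so an existing caller that passes a custom message or a previous exception will silently lose them instead of failing. Fixing the message and code is reasonable for an access-denied response, but I would keep the chain with `public function __construct(\Exception $previous = null)` and `parent::__construct($message, $code, $previous);`. The shortened docblock should also say that the message and the 403 code are fixed. The body of the new HttpUnauthorizedException.php is not visible in this patch text, so the same point may apply there.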
From: jeremykendall Date: Wed, 25 Mar 2015 12:14:45 -0500 Subject: [PATCH 04/11] Explicitly set default StorageInterface implementation in Bootstrap. The former implementation felt far too magical, considering it was very confusing to not add storage to the Bootstrap, there was no default storage in the Bootstrap, yet default storage was indeed set, but a level or two below Bootstrap. This change makes it very clear what the default storage implementation is and where it's getting set. --- src/JeremyKendall/Slim/Auth/Bootstrap.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/JeremyKendall/Slim/Auth/Bootstrap.php b/src/JeremyKendall/Slim/Auth/Bootstrap.php index f0e5b7a..93ecbcc 100644 --- a/src/JeremyKendall/Slim/Auth/Bootstrap.php +++ b/src/JeremyKendall/Slim/Auth/Bootstrap.php @@ -15,6 +15,7 @@ use Slim\Slim; use Zend\Authentication\Adapter\AbstractAdapter; use Zend\Authentication\AuthenticationService; +use Zend\Authentication\Storage\Session as SessionStorage; use Zend\Authentication\Storage\StorageInterface; use Zend\Permissions\Acl\AclInterface; @@ -101,10 +102,16 @@ public function getAcl() /** * Gets storage. * + * Returns instance of Zend\Authentication\Storage\Session if storage is null + * * @return StorageInterface AuthenticationService storage */ public function getStorage() { + if (is_null($this->storage)) { + $this->storage = new SessionStorage('slim_auth'); + } + return $this->storage; } From 1ac46f63aa2ab7bb35f305e3e8ea4910c08a0c83 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 25 Mar 2015 12:17:06 -0500 Subject: [PATCH 05/11] Throw HttpUnauthorizedException instead of redirecting to login. --- .../Slim/Auth/Middleware/Authorization.php | 6 ++++-- .../Tests/Middleware/AuthorizationTest.php | 18 +++++++++--------- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/src/JeremyKendall/Slim/Auth/Middleware/Authorization.php b/src/JeremyKendall/Slim/Auth/Middleware/Authorization.php index a1bdf84..625368b 100644 
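Review bot: `getStorage()` in Bootstrap.php now assigns `$this->storage` as a side effect of a read, and the added docblock sentence says only what is returned, not that the instance is kept or that the default is session-backed. I would document both, e.g. `Lazily creates and keeps a Zend\Authentication\Storage\Session (namespace 'slim_auth') when no storage has been set; the identity is then held in the PHP session, so session and cookie configuration is the application's responsibility.` The literal `'slim_auth'` is repeated in BootstrapTest, so a class constant would keep the two in step. As a style point, `null === $this->storage` is the more common form than `is_null()`.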
--- a/src/JeremyKendall/Slim/Auth/Middleware/Authorization.php +++ b/src/JeremyKendall/Slim/Auth/Middleware/Authorization.php @@ -12,6 +12,7 @@ namespace JeremyKendall\Slim\Auth\Middleware; use JeremyKendall\Slim\Auth\Exception\HttpForbiddenException; +use JeremyKendall\Slim\Auth\Exception\HttpUnauthorizedException; use Zend\Authentication\AuthenticationServiceInterface; use Zend\Permissions\Acl\AclInterface; @@ -57,7 +58,8 @@ public function __construct(AuthenticationServiceInterface $auth, AclInterface $ * Uses hook to check for user authorization. * Will redirect to named login route if user is unauthorized. * - * @throws \RuntimeException if there isn't a named 'login' route + * @throws HttpForbiddenException If an authenticated user is not authorized for the resource + * @throws HttpUnauthorizedException If an unauthenticated user is not authorized for the resource */ public function call() { @@ -77,7 +79,7 @@ public function call() } if (!$hasIdentity && !$isAllowed) { - return $app->redirect($app->urlFor('login')); + throw new HttpUnauthorizedException(); } }; diff --git a/tests/JeremyKendall/Slim/Auth/Tests/Middleware/AuthorizationTest.php b/tests/JeremyKendall/Slim/Auth/Tests/Middleware/AuthorizationTest.php index 7fc8bad..547ee4b 100644 --- a/tests/JeremyKendall/Slim/Auth/Tests/Middleware/AuthorizationTest.php +++ b/tests/JeremyKendall/Slim/Auth/Tests/Middleware/AuthorizationTest.php @@ -2,6 +2,7 @@ namespace JeremyKendall\Slim\Auth\Tests\Middleware; +use JeremyKendall\Slim\Auth\Exception\AuthException; use JeremyKendall\Slim\Auth\Middleware\Authorization; use Zend\Permissions\Acl\Acl; use Zend\Permissions\Acl\Role\GenericRole as Role; @@ -43,13 +44,12 @@ protected function tearDown() */ public function testRouteAuthentication( $requestMethod, - $path, + $path, $location, $hasIdentity, $identity, $httpStatus - ) - { + ) { \Slim\Environment::mock(array( 'REQUEST_METHOD' => $requestMethod, 'PATH_INFO' => $path, 
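Review bot: The docblock of `call()` in Authorization.php still carries the context line `Will redirect to named login route if user is unauthorized.`, which contradicts the two `@throws` tags this hunk adds directly below it. Replace it with something like `Throws an AuthException subclass when access is denied; the application's error handler decides the response.` so integrators do not assume a redirect still happens.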
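Review bot: Replacing `$app->redirect($app->urlFor('login'))` with `throw new HttpUnauthorizedException();` turns the unauthenticated case into an exception that yields a 401 only if the application registers an error handler, as the test does with `$app->error(...)`. Access is still denied either way, but an application upgrading without such a handler will presumably show a generic error page instead of a login prompt. That deserves an upgrade note in the docblock or README with a handler that maps `AuthException` to `$e->getCode()`. The hook closure containing this line starts and ends outside the hunk, and the body of HttpUnauthorizedException is not visible here, so the 401 is taken from the test data rather than from the class.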
@@ -65,9 +65,9 @@ public function testRouteAuthentication( $app = new \Slim\Slim(array('debug' => false)); - $app->error(function(\Exception $e) use ($app) { - // Example of handling 403 FORBIDDEN - if ($e instanceof \JeremyKendall\Slim\Auth\Exception\HttpForbiddenException) { + $app->error(function (\Exception $e) use ($app) { + // Example of handling Auth Exceptions + if ($e instanceof AuthException) { $app->response->setStatus($e->getCode()); $app->response->setBody($e->getMessage()); } @@ -90,9 +90,9 @@ public function testRouteAuthentication( public function authenticationDataProvider() { - /** + /* $requestMethod, - $path, + $path, $location, $hasIdentity, $identity, @@ -103,7 +103,7 @@ public function authenticationDataProvider() array('GET', '/', null, false, null, 200), array('GET', '/login', null, false, null, 200), array('POST', '/login', null, false, null, 200), - array('GET', '/member', '/login', false, null, 302), + array('GET', '/member', null, false, null, 401), // Member array('GET', '/admin', null, true, new Identity('member'), 403), array('DELETE', '/member/photo/992892', null, true, array('role' => 'member'), 200), From 1222bd01d24c4a59f67ed74c5ecf3cf8fdb1f12d Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 25 Mar 2015 12:17:44 -0500 Subject: [PATCH 06/11] Add test to verify default storage implementation. --- .../JeremyKendall/Slim/Auth/Tests/BootstrapTest.php | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/tests/JeremyKendall/Slim/Auth/Tests/BootstrapTest.php b/tests/JeremyKendall/Slim/Auth/Tests/BootstrapTest.php index 97e8726..7055737 100644 --- a/tests/JeremyKendall/Slim/Auth/Tests/BootstrapTest.php +++ b/tests/JeremyKendall/Slim/Auth/Tests/BootstrapTest.php @@ -4,7 +4,6 @@ use JeremyKendall\Slim\Auth\Bootstrap; use Slim\Slim; -use Zend\Authentication\AuthenticationService; use Zend\Authentication\Storage\StorageInterface; use Zend\Permissions\Acl\Acl; 
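Review bot: Widening the check to `$e instanceof AuthException` makes the example handler pass `$e->getCode()` of any auth exception straight to `setStatus()`, including a bare `AuthException` whose code may not be an HTTP status (an exception built without a code carries 0). Since the comment presents this as an example to copy, I would guard it, e.g. `$status = $e->getCode() >= 400 ? $e->getCode() : 500;`, or match only the two HTTP exception classes. The rest of the handler closure lies outside the hunk, so what happens to exceptions that are not auth exceptions is not visible here.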
@@ -56,10 +55,17 @@ public function testBootstrap() public function testGetSetStorage() { - $storage = $this->getMock('Zend\Authentication\Storage\StorageInterface'); + $defaultStorage = $this->bootstrap->getStorage(); + + $this->assertInstanceOf( + 'Zend\Authentication\Storage\StorageInterface', + $defaultStorage + ); + $this->assertEquals('slim_auth', $defaultStorage->getNamespace()); - $this->assertNull($this->bootstrap->getStorage()); + $storage = $this->getMock('Zend\Authentication\Storage\StorageInterface'); $this->bootstrap->setStorage($storage); + $this->assertSame($storage, $this->bootstrap->getStorage()); } From 692b7cde9b802347d38f0d5c5e8f7a66cfb2f6da Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 25 Mar 2015 12:20:28 -0500 Subject: [PATCH 07/11] CS fixes, remove cruft --- .../Slim/Auth/Tests/Adapter/Db/PdoAdapterTest.php | 14 +++++++------- .../Slim/Auth/Tests/BootstrapFunctionalTest.php | 4 ++-- tests/bootstrap.php | 9 --------- 3 files changed, 9 insertions(+), 18 deletions(-) diff --git a/tests/JeremyKendall/Slim/Auth/Tests/Adapter/Db/PdoAdapterTest.php b/tests/JeremyKendall/Slim/Auth/Tests/Adapter/Db/PdoAdapterTest.php index a48f6ab..1a4ec0a 100644 --- a/tests/JeremyKendall/Slim/Auth/Tests/Adapter/Db/PdoAdapterTest.php +++ b/tests/JeremyKendall/Slim/Auth/Tests/Adapter/Db/PdoAdapterTest.php @@ -63,8 +63,8 @@ public function testAuthenticationSuccess() $this->passwordValidator->expects($this->once()) ->method('isValid') ->with( - $this->plainTextPassword, - $this->identity['hashed_password'], + $this->plainTextPassword, + $this->identity['hashed_password'], $this->identity['id'] ) ->will($this->returnValue(new ValidationResult(ValidationResult::SUCCESS))); @@ -89,7 +89,7 @@ public function testAuthenticationFailsBadPassword() ->method('isValid') ->with( 'bad password', - $this->identity['hashed_password'], + $this->identity['hashed_password'], $this->identity['id'] ) ->will($this->returnValue( 
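Review bot: `testGetSetStorage()` asserts only `Zend\Authentication\Storage\StorageInterface` for the default storage and then calls `$defaultStorage->getNamespace()`, which belongs to the session storage class and not to that interface. Asserting the concrete default makes the test state what the commit title promises: `$this->assertInstanceOf('Zend\Authentication\Storage\Session', $defaultStorage);`. Splitting the default-storage check and the set/get round trip into two test methods would also make a failure name the behaviour that broke.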
@@ -128,8 +128,8 @@ public function testIssue13() $this->passwordValidator->expects($this->once()) ->method('isValid') ->with( - $this->plainTextPassword, - $this->identity['hashed_password'], + $this->plainTextPassword, + $this->identity['hashed_password'], $this->identity['id'] ) ->will($this->returnValue(new ValidationResult(ValidationResult::SUCCESS))); @@ -178,11 +178,11 @@ private function setUpDb($fetchStyle = PDO::FETCH_ASSOC) private function setUpAdapter() { - $this->passwordValidator = + $this->passwordValidator = $this->getMock('JeremyKendall\Password\PasswordValidatorInterface'); $this->adapter = new PdoAdapter( - $this->db, + $this->db, $tableName = 'application_users', $identityColumn = 'email_address', $credentialColumn = 'hashed_password', diff --git a/tests/JeremyKendall/Slim/Auth/Tests/BootstrapFunctionalTest.php b/tests/JeremyKendall/Slim/Auth/Tests/BootstrapFunctionalTest.php index 1c856f4..125dedb 100644 --- a/tests/JeremyKendall/Slim/Auth/Tests/BootstrapFunctionalTest.php +++ b/tests/JeremyKendall/Slim/Auth/Tests/BootstrapFunctionalTest.php @@ -18,7 +18,7 @@ class BootstrapFunctionalTest extends \PHPUnit_Framework_TestCase /** * Confirms that $this->app->auth and $this->app->authenticator - * return the expected class instances + * return the expected class instances. */ public function testBootstrap() { @@ -33,7 +33,7 @@ public function testBootstrap() $this->assertInstanceOf( 'JeremyKendall\Slim\Auth\Authenticator', - $app->authenticator + $app->authenticator ); } } diff --git a/tests/bootstrap.php b/tests/bootstrap.php index 9a0870c..571a775 100644 --- a/tests/bootstrap.php +++ b/tests/bootstrap.php @@ -9,12 +9,3 @@ $loader->add('JeremyKendall\\Slim\\Auth\\Tests\\', __DIR__); define('SLIM_MODE', 'testing'); - -function d($var) { - var_dump($var); -} - -function dd($var) { - d($var); - die(); -} From cd55b89e47724ab901640577e112f02cab82903c Mon Sep 17 00:00:00 2001 
From: jeremykendall Date: Wed, 25 Mar 2015 12:20:42 -0500 Subject: [PATCH 08/11] Add bin and tests dir to .php_cs finder --- .php_cs | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.php_cs b/.php_cs index dac1727..e59fbd4 100644 --- a/.php_cs +++ b/.php_cs @@ -3,13 +3,15 @@ require_once './vendor/autoload.php'; $finder = \Symfony\CS\Finder\DefaultFinder::create() - ->in('src/'); + ->in('bin/') + ->in('src/') + ->in('tests/'); return \Symfony\CS\Config\Config::create() ->setUsingCache(true) ->fixers([ - '-concat_without_spaces', - 'concat_with_spaces', + '-concat_without_spaces', + 'concat_with_spaces', 'ordered_use', ]) ->finder($finder); From 1a3cff7cb5886a2fd69a24dce3c9c02d6f1f2b95 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 25 Mar 2015 12:20:58 -0500 Subject: [PATCH 09/11] Add jeremykendall/debug-die to require-dev --- composer.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 157eaeb..53717fc 100644 --- a/composer.json +++ b/composer.json @@ -38,7 +38,8 @@ "require-dev": { "league/phpunit-coverage-listener": "~1.1", "phpunit/phpunit": "4.*", - "slim/slim": "^2.4.2" + "slim/slim": "^2.4.2", + "jeremykendall/debug-die": "0.0.1.*" }, "autoload": { "psr-0": { From 7fd15fd8ee636aca05b723274c60e48e46dbae53 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 25 Mar 2015 12:29:55 -0500 Subject: [PATCH 10/11] Update version constraints --- composer.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/composer.json b/composer.json index 53717fc..cc147ad 100644 --- a/composer.json +++ b/composer.json 
@@ -31,9 +31,9 @@ "php": ">=5.3.7", "jeremykendall/password-validator": "3.*", "wp-cli/php-cli-tools": "~0.10", - "zendframework/zend-authentication": "~2", - "zendframework/zend-permissions-acl": "~2", - "zendframework/zend-session": "~2" + "zendframework/zend-authentication": "2.*", + "zendframework/zend-permissions-acl": "2.*", + "zendframework/zend-session": "2.*" }, "require-dev": { "league/phpunit-coverage-listener": "~1.1", From dffaa9dabc5db097ec3f88a57f0971da3e0d1977 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 25 Mar 2015 13:10:22 -0500 Subject: [PATCH 11/11] Remove PHP 7 from .travis.yml PHP 7 tests keep segfaulting. Ironically, all the tests run, and *then* it segfaults, exiting with 139. Seems to be b/c xdebug is not installed for PHP 7, but I don't care enough about PHP 7 to try and fix this. Not yet, anyhow. Here's an example of a PHP 7 segfault: ``` PHP 7.0.0-dev (cli) (built: Mar 24 2015 11:08:38) Copyright (c) 1997-2015 The PHP Group Zend Engine v3.0.0-dev, Copyright (c) 1998-2015 Zend Technologies with Zend OPcache v7.0.4-dev, Copyright (c) 1999-2015, by Zend Technologies ... snip ... PHPUnit 4.5.0 by Sebastian Bergmann and contributors. Configuration read from /home/travis/build/jeremykendall/slim-auth/travis.xml The Xdebug extension is not loaded. No code coverage will be generated. ................... Time: 542 ms, Memory: 8.00Mb OK (19 tests, 51 assertions) Collecting CodeCoverage information... Sending coverage output... /home/travis/build.sh: line 41: 3460 Segmentation fault phpunit -c travis.xml travis_time:end:3140e8da:start=1427306427954747720,finish=1427306428622564267,duration=667816547 [0K [31;1mThe command "phpunit -c travis.xml" exited with 139.[0m Done. Your build exited with 1. ``` --- .travis.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 389bd55..7ad8e20 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,7 +5,6 @@ php: - 5.4 - 5.5 - 5.6 - - '7' before_script: - composer self-update